===================================================================
RCS file: /cvsrepo/anoncvs/cvs/www/errata72.html,v
retrieving revision 1.24
retrieving revision 1.25
diff -c -r1.24 -r1.25
*** www/errata72.html	2023/07/12 12:50:01	1.24
--- www/errata72.html	2023/07/19 14:13:13	1.25
***************
*** 425,430 ****
--- 425,444 ----
  A source code patch exists which remedies this problem.</a>
  <p>
  
+ <li id="p032_ssh_agent">
+ <strong>032: SECURITY FIX: July 19, 2023</strong>
+ &nbsp; <i>All architectures</i>
+ <br>
+ In ssh-agent(1)'s PKCS#11 provider support, remote execution was
+ possible due to controllable access in low-quality libraries. In
+ addition to fixing this, the ability to remotely load PKCS#11
+ libraries is now disabled by default (re-enable with
+ '-Oallow-remote-pkcs11').
+ <br>
+ <a href="https://ftp.openbsd.org/pub/OpenBSD/patches/7.2/common/032_ssh_agent.patch.sig">
+ A source code patch exists which remedies this problem.</a>
+ <p>
+ 
  </ul>
  
  <hr>